Advisory:
========================
Updated avahi packages fix security vulnerability:
It was found that avahi responds to unicast queries coming from outside of
local network which may cause an information leak, such as disclosing the
device type/model that responds to the request or the operating system. The
mDNS response may also be used to amplify denial of service attacks against
other networks as the response size is greater than the size of request
(CVE-2017-6519).
References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6519https://bugzilla.redhat.com/show_bug.cgi?id=1426712https://usn.ubuntu.com/3876-1/
========================
Updated packages in core/updates_testing:
========================
avahi-0.6.32-1.1.mga6
avahi-dnsconfd-0.6.32-1.1.mga6
avahi-x11-0.6.32-1.1.mga6
avahi-python-0.6.32-1.1.mga6
avahi-sharp-0.6.32-1.1.mga6
avahi-sharp-doc-0.6.32-1.1.mga6
libavahi-client3-0.6.32-1.1.mga6
libavahi-client-devel-0.6.32-1.1.mga6
libavahi-common3-0.6.32-1.1.mga6
libavahi-common-devel-0.6.32-1.1.mga6
libavahi-core7-0.6.32-1.1.mga6
libavahi-core-devel-0.6.32-1.1.mga6
libavahi-compat-libdns_sd1-0.6.32-1.1.mga6
libavahi-compat-libdns_sd-devel-0.6.32-1.1.mga6
libavahi-glib1-0.6.32-1.1.mga6
libavahi-glib-devel-0.6.32-1.1.mga6
libavahi-gobject0-0.6.32-1.1.mga6
libavahi-gobject-devel-0.6.32-1.1.mga6
libavahi-compat-howl0-0.6.32-1.1.mga6
libavahi-compat-howl-devel-0.6.32-1.1.mga6
libavahi-qt4_1-0.6.32-1.1.mga6
libavahi-qt4-devel-0.6.32-1.1.mga6
libavahi-ui-gtk3_0-0.6.32-1.1.mga6
libavahi-ui-gtk3-devel-0.6.32-1.1.mga6
libavahi-ui1-0.6.32-1.1.mga6
libavahi-ui-devel-0.6.32-1.1.mga6
libavahicore-gir0.6-0.6.32-1.1.mga6
libavahi-gir0.6-0.6.32-1.1.mga6
from avahi-0.6.32-1.1.mga6.src.rpm